Enable RANDOMIZE_KSTACK_OFFSET_DEFAULT
Additional hardening at a minimal cost, as requested by Levente.
This commit is contained in:
Jan Alexander Steffens
parent
2552e0b041
commit
fb8eb1c560
2
PKGBUILD
2
PKGBUILD
@ -26,7 +26,7 @@ validpgpkeys=(
|
||||
'C7E7849466FE2358343588377258734B41C31549' # David Runge <dvzrv@archlinux.org>
|
||||
)
|
||||
sha256sums=('SKIP'
|
||||
'6b3672ffafb1b29bde3eb76dc27d1a41cc2f8349068a6532717c3d4764a2d238')
|
||||
'9c03905822c3c094207de7d4dbb7906d4fd59578b89ff8dc9e96d430c3870a81')
|
||||
|
||||
export KBUILD_BUILD_HOST=archlinux
|
||||
export KBUILD_BUILD_USER=$pkgbase
|
||||
|
||||
4
config
4
config
@ -1,6 +1,6 @@
|
||||
#
|
||||
# Automatically generated file; DO NOT EDIT.
|
||||
# Linux/x86 5.13.9-arch1 Kernel Configuration
|
||||
# Linux/x86 5.13.10-arch1 Kernel Configuration
|
||||
#
|
||||
CONFIG_CC_VERSION_TEXT="gcc (GCC) 11.1.0"
|
||||
CONFIG_CC_IS_GCC=y
|
||||
@ -868,7 +868,7 @@ CONFIG_COMPAT_32BIT_TIME=y
|
||||
CONFIG_HAVE_ARCH_VMAP_STACK=y
|
||||
CONFIG_VMAP_STACK=y
|
||||
CONFIG_HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET=y
|
||||
# CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT is not set
|
||||
CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT=y
|
||||
CONFIG_ARCH_HAS_STRICT_KERNEL_RWX=y
|
||||
CONFIG_STRICT_KERNEL_RWX=y
|
||||
CONFIG_ARCH_HAS_STRICT_MODULE_RWX=y
|
||||
|
||||
Loading…
Reference in New Issue
Block a user